<?php
/**
 * Created by PhpStorm.
 * User: mojie126
 * Date: 2017/9/5 0005
 * Time: 下午 14:16
 */

namespace app\common;


use app\index\model\Users;
use think\Controller;

class rbac extends Controller
{
	static private $users = "users";
	static private $role = "user_role";
	static private $per = "user_permission";
	static private $gro = "user_group";
	static private $role_per = "user_role_permission";
	static private $role_group = "user_role_group";

//	static public function createRole($name, $desc, $sort = 0)
//	{
//		//创建角色
//		$insert = [
//			"name" => $name,
//			"description" => $desc,
//			"sort" => $sort
//		];
//
//		return db(self::$role)->insert($insert);
//	}
//
//	static public function createPermission($name, $desc, $path, $status = 1)
//	{
//		//创建权限
//		$insert = [
//			"name" => $name,
//			"description" => $desc,
//			"path" => $path,
//			"status" => $status
//		];
//
//		return db(self::$per)->insert($insert);
//	}
//
//	static public function createGroup($name, $desc, $sort = 0)
//	{
//		//创建用户组
//		$insert = [
//			"name" => $name,
//			"description" => $desc,
//			"sort" => $sort
//		];
//
//		return db(self::$gro)->insert($insert);
//	}
//
//	static public function editRole($role_id, $name, $desc, $sort = 0)
//	{
//		//编辑角色
//		$update = [
//			"name" => $name,
//			"description" => $desc,
//			"sort" => $sort
//		];
//
//		return db(self::$role)->where("id", $role_id)->update($update);
//	}
//
//	static public function editPermission($per_id, $name, $desc, $path, $status = 1)
//	{
//		//编辑权限
//		$update = [
//			"name" => $name,
//			"description" => $desc,
//			"path" => $path,
//			"status" => $status
//		];
//
//		return db(self::$per)->where("id", $per_id)->update($update);
//	}
//
//	static public function editGroup($gro_id, $name, $desc, $sort = 0)
//	{
//		//编辑用户组
//		$update = [
//			"name" => $name,
//			"description" => $desc,
//			"sort" => $sort
//		];
//
//		return db(self::$gro)->where("id", $gro_id)->update($update);
//	}

	static public function delRole($role_id)
	{
		//删除角色
		try {
			db()->transaction(function () use ($role_id) {
				db(self::$role)->where("id", $role_id)->delete();
				db(self::$role_per)->where("roleid", $role_id)->delete();
				$groupid = db(self::$role_group)->where("roleid", $role_id)->value("groupid");
				db(self::$role_group)->where("roleid", $role_id)->delete();
				db(self::$users)->where("isadmin", $groupid)->update(["isadmin" => 1]);
			});

			return TRUE;
		} catch (\Exception $exception) {
			return FALSE;
		}
	}

	static public function delPermission($per_id)
	{
		//删除权限
		try {
			db()->transaction(function () use ($per_id) {
				db(self::$per)->where("id", $per_id)->delete();
				db(self::$role_per)->where("perid", $per_id)->delete();
			});

			return TRUE;
		} catch (\Exception $exception) {
			return FALSE;
		}
	}

	static public function delGroup($gro_id)
	{
		//删除用户组
		try {
			db()->transaction(function () use ($gro_id) {
				db(self::$gro)->where("id", $gro_id)->delete();
				db(self::$role_group)->where("groupid", $gro_id)->delete();
				//该用户组的用户全部重置为普通用户
				db(self::$users)->where("isadmin", $gro_id)->update(["isadmin" => 1]);
			});

			return TRUE;
		} catch (\Exception $exception) {
			return FALSE;
		}
	}

	static public function getRoleList()
	{
		//获取角色列表
		return db(self::$role)->select();
	}

	static public function getPermissionList($page = "", $limit = "")
	{
		//获取权限列表
		return db(self::$per)
			->page($page, $limit)
			->select();
	}

	static public function getGroupList()
	{
		//获取用户组列表
		return db(self::$gro)->select();
	}

	static public function getRoleListFromGroupID($groupid, $page, $limit)
	{
		//根据用户组ID获取角色列表
		return db(self::$role_group)
			->alias("urg")
			->join("__USER_ROLE__ ur", "ur.id = urg.roleid")
			->page($page, $limit)
			->where("groupid", $groupid)
			->select();
	}

	static public function getPermissionListFromRoleID($roleid, $page, $limit)
	{
		//根据角色ID获取权限列表
		return db(self::$role_per)
			->alias("urp")
			->join("__USER_PERMISSION__ up", "up.id = urp.perid")
			->page($page, $limit)
			->where("roleid", $roleid)
			->select();
	}

	static public function assignUserGroup($gro_id, $uid)
	{
		//给用户赋予用户组
		return db(self::$users)->where("uid", $uid)->update(["isadmin" => $gro_id]);
	}

	static public function assignRolePermission($role_id, $permission = [])
	{
		//给角色赋予权限
		$rolePermission = [];
		foreach ($permission as $v) {
			$rolePermission[] = ['roleid' => $role_id, 'perid' => $v];
		}

		return db(self::$role_per)->insertAll($rolePermission);
	}

	static public function assignRoleGroup($group_id, $role = [])
	{
		//给用户组赋予角色
		$roleGroup = [];
		foreach ($role as $v) {
			$roleGroup[] = ['groupid' => $group_id, 'roleid' => $v];
		}

		return db(self::$role_group)->insertAll($roleGroup);
	}

	static public function getGroupNameFromUID($uid)
	{
		//根据UID获取用户组名称
		$info = Users::getUserAdmin($uid);

		return db(self::$gro)->where("id", $info)->value("name");
	}

	static public function getRoleNameFromUID($uid)
	{
		//根据UID获取角色名称
		$info = Users::getUserAdmin($uid);

		return db(self::$role)->where("id", $info)->value("name");
	}

	static private function getPermissionFromUID()
	{
		//根据UID获取用户所有权限
		$info = Users::getUserAdmin(session("uid"));
		$permission = db(self::$per)->alias("p")
			->join(self::$role_per . " rp", "p.id=rp.perid")
			->join(self::$role_group . " rg", "rp.roleid=rg.roleid")
			->where("rg.groupid", $info)
			->where("p.status", 1)
			->select();
		$newPermission = [];
		if (!empty($permission)) {
			foreach ($permission as $k => $v) {
				$newPermission[strtolower($v['path'])] = $v;
			}
		}
		cache("permission", $newPermission);

		return TRUE;
	}

	static public function canAccess($url = "")
	{
		//检查用户是否可以访问该路径
		if (empty($url)) {
			$path = strtolower(getControllerAndAction());
		} else {
			$path = $url;
		}
		if (!$path) {
			return FALSE;
		}
		self::getPermissionFromUID();
		$permissionList = cache("permission");
		if (isset($permissionList[$path]) && !empty($permissionList[$path])) {
			return TRUE;
		}
		foreach ($permissionList as $k => $v) {
			if ($k === "*") {
				return TRUE;
			}
		}

		return FALSE;
	}
}